Projects
Python Ransomware With Discord Webhook
A ransomware-like file encryption and decryption process using the cryptography.fernet library in Python. The generated encryption key is sent to a Discord webhook.
Python Ransomware With Discord Webhook
Project Overview
This project demonstrates a ransomware-like file encryption and decryption process using the cryptography.fernet library in Python. The script recursively encrypts all files in a specified directory (the creds folder inside the user's home directory) and writes a ransom note warning the victim about the encryption.
The generated encryption key is sent to a Discord webhook along with system details such as IP address, MAC address, and hostname. The decryption script lets the user enter the correct encryption key to recover the files and removes the ransom note upon successful decryption.
Key Features
- Encrypt one file or multiple folders recursively
- Decryption key sent to the attacker's Discord API
- Victim's IP address and MAC address also sent to the attacker
- Pre-written ransom note written to a file path of the attacker's choice
- Decryption script removes the ransomware note and decrypts folders recursively
Technologies Used
- Python for core functionality
- cryptography library (Fernet) for key generation, encryption and decryption
- api.ipify.org for obtaining the victim's public IP address
- Discord bot to receive the decryption key and deliver it to the attacker in Discord
Challenges & Solutions
One of the main challenges was understanding how to send the key to my Discord bot. I had to look up YouTube tutorials and documentation to figure out how to create a Discord bot and call its API from the Python script.
Results & Impact
The encryption script was able to encrypt my fake confidential files and pictures, I received the decryption key via my Discord bot, and I used that key to decrypt the files. The project showcases fundamental concepts of symmetric encryption, file handling, and automation using Python.
Python Machine learning program
A machine learning program implemented in Python to detect and predict malicious websites from a set of CSV files.
Python Machine learning program
Project Overview
A machine learning program implemented in Python to detect and predict malicious websites from a set of CSV files. This project aims to develop a machine learning model capable of classifying URLs as either "Benign" (safe) or "Malicious" (potentially harmful, e.g., phishing, malware). The analysis uses a dataset containing various features extracted from URLs, WHOIS registration information, and associated network traffic characteristics. The primary goal of the provided script is to clean and explore this dataset thoroughly so that it is ready for subsequent model training and evaluation. The target variable for classification is Type, where 0 represents Benign and 1 represents Malicious.
Key Features
- Handling of missing values through imputation (median) and strategic removal
- Standardization of categorical features (Charset, Server, Country, State)
- Exploratory Data Analysis (EDA) using statistical summaries and visualizations
- Visualization of feature distributions, correlations, and relationships with the target variable
- Identification of class imbalance in the target variable (Benign vs. Malicious)
- Automated dataset profiling for quick overview and quality checks
Technologies Used
- Python as the primary programming language
- Pandas for data manipulation, cleaning, and loading
- Matplotlib & Seaborn for data visualization (histograms, boxplots, heatmaps, etc.)
- Scikit-learn for machine learning utilities (preprocessing, metrics; modeling itself is a next step)
- Imbalanced-learn (SMOTE) for addressing class imbalance (imported, planned for use)
- XGBoost & SHAP for advanced modeling and interpretation (imported, planned for use)
Challenges & Solutions
The primary challenges involved handling the significant amount of missing data and the inconsistency within categorical features (like server names, country codes, character sets). Solutions implemented included:
- Using median imputation for numerical/date columns (`CONTENT_LENGTH`, `WHOIS_REGDATE`, `WHOIS_UPDATED_DATE`) to preserve data while filling gaps.
- Developing custom functions to parse/standardize date formats and clean categorical data by mapping variations (e.g., 'UK'/'GB' to 'GB') and grouping infrequent categories into 'other' to reduce noise.
- Identifying significant class imbalance through visualization, setting the stage for mitigation techniques like SMOTE in the modeling phase.
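As an added illustration of the three cleaning steps above (median imputation, alias mapping such as 'UK' to 'GB', and collapsing rare categories into 'other'), here is a stdlib-only Python version run on a constructed sample that reuses the page's column names; it is not the project's own code, and the alias table and the min_count threshold are assumptions.

```python
import csv
import io
from collections import Counter
from statistics import median

# Constructed sample rows with the page's column names; blanks and
# inconsistent country codes are deliberate, this is not the real dataset.
SAMPLE_CSV = """URL_LENGTH,CONTENT_LENGTH,WHOIS_COUNTRY,Type
16,263,US,0
16,,UK,0
17,15087,GB,0
18,324,None,1
20,,ru,1
20,162,US,0
"""

# Assumed alias table: variants that mean the same country, plus tokens that mean "missing".
COUNTRY_ALIASES = {"UK": "GB", "UNITED KINGDOM": "GB", "NONE": None, "": None}

def median_impute(rows, column):
    """Fill blanks in a numeric column with the median of the values that are present."""
    present = [float(r[column]) for r in rows if r[column] not in ("", None)]
    fill = median(present)
    for r in rows:
        r[column] = fill if r[column] in ("", None) else float(r[column])
    return fill

def standardize_categorical(rows, column, aliases, min_count=2, other="other"):
    """Upper-case, map known aliases, then collapse values seen fewer than min_count times."""
    for r in rows:
        raw = (r[column] or "").strip().upper()
        r[column] = aliases.get(raw, raw)
    counts = Counter(r[column] for r in rows if r[column] is not None)
    for r in rows:
        if r[column] is None or counts[r[column]] < min_count:
            r[column] = other  # missing and rare categories share one explicit bucket
    return counts

def clean(csv_text):
    rows = list(csv.DictReader(io.StringIO(csv_text)))
    median_impute(rows, "CONTENT_LENGTH")
    standardize_categorical(rows, "WHOIS_COUNTRY", COUNTRY_ALIASES)
    for r in rows:
        r["Type"] = int(r["Type"])
    return rows

def class_balance(rows):
    """Count benign (0) vs malicious (1) rows to make class imbalance visible before modeling."""
    return Counter(r["Type"] for r in rows)
```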
Results & Impact
This initial phase resulted in a clean, well-understood, and preprocessed dataset, ready for feature engineering and machine learning modeling. The thorough cleaning and EDA provide crucial insights into feature relevance and potential issues (like imbalance), significantly improving the reliability and potential performance of subsequent malicious URL classification models. It establishes a solid foundation, preventing the "garbage in, garbage out" problem often encountered in machine learning projects.
SUTD Hackathon Project
This was a 24-hour project that our team built to cater to deaf and blind people. The theme for our topic was "Inclusivity & Accessibility Tech".
SUTD Hackathon Project
Project Overview
This was a 24-hour project that our team built to cater to deaf and blind people. The theme for our topic was "Inclusivity & Accessibility Tech". We had to learn HTML and CSS from scratch, as we had no prior knowledge of building websites before this. We also had less than 24 hours and were not able to sleep, as we had unfinished tasks.
Overall, this website/application had features to make the lives of deaf and blind people better, such as a text-to-speech feature and an ASL sign language interpreter.
Key Features
- Implementing a text-to-speech feature in the application
- Implementing a sign-language-to-text feature using machine learning
- Custom website made from scratch in 12 hours
Technologies Used
- Python for text-to-speech
- HTML for the backbone of the website
- CSS to make the website prettier
Challenges & Solutions
A big challenge for my team was that we did not know how to code HTML and CSS when we first entered the competition. I was tasked with designing and building the website. Spending the whole night without sleep, I was constantly searching the internet for tips and for knowledge on how to build the skeleton of the website.
Results & Impact
At the end of the competition, I'm proud to say that the website was completed and the features were ready to be used. Although one feature was not working at the time, I still considered it a win for us, because within the span of 24 hours we managed to learn HTML, CSS and machine learning with Python.
Shell Emulator in C
A command-line shell emulator in C that mimics the functionality of a basic shell (like Bash or Command Prompt).
Shell Emulator in C
Project Overview
I developed a command-line shell emulator in C that mimics the functionality of a basic shell (like Bash or Command Prompt). The program allows users to execute various commands, such as navigating directories, listing files, reading file contents, displaying system information, and managing command history.
Key Features
- Built-in commands like cd, pwd, ls, cat, echo, sysinfo, and exit
- Dynamic memory allocation for command history and error handling for invalid inputs
- Command parsing
- Interact with local file system
- Read file contents
- Error Handling
Technologies Used
- Visual Studio Code for coding platform
- C programming language for core components
- Windows API to interact with the local file system and machine
- Dynamic memory allocation using malloc
Challenges & Solutions
The main challenge was understanding the Windows API function calls. It took a long time to read through the documentation on how to implement the different functions and how they all link together. Another challenge is that C is an unsafe language in which careless string handling leads to buffer overflows; the mitigation was to use bounded functions such as fgets and strncpy (the latter still needs the destination explicitly null-terminated).
Results & Impact
This project was an excellent opportunity to deepen my understanding of system programming, Windows API, and low-level C programming. It also helped me gain hands-on experience with file handling, memory management, and command parsing.
SIEM Implementation & Attack Simulation
Created a Datadog SIEM setup, Proxmox lab, endpoints, attack simulation, log collection, rule creation, and analysis.
SIEM Implementation & Attack Simulation
Project Overview
This project involved building a simulated Security Operations Center (SOC) environment using Proxmox VE virtualization and a Datadog Cloud SIEM. The primary goal was to configure log collection from diverse endpoints (Linux, Windows) and security tools (Suricata, Zeek, Cisco Secure Endpoint), simulate a wide range of cyberattacks (including DoS, Network Scanning, Brute Force, Data Exfiltration, Ransomware, Malware Infection, Reverse Shell, and ARP Poisoning), create custom detection rules and alerts within the SIEM, and analyze the resulting logs and alerts to understand and demonstrate threat detection, analysis, and response processes in a practical setting.
Key Features
- Virtualized Lab Environment - Proxmox
- SIEM Implementation
- Comprehensive Log Source Integration
- Advanced SIEM Configuration
- Diverse Attack Simulation
- Threat Intelligence Application
Technologies Used
- Datadog Cloud SIEM
- Proxmox VE 8.0.3
- Suricata, Zeek
- Cisco Secure Endpoint
- Windows Event Logs, Linux Journald
- Python (for attack/ransomware scripts), PowerShell (for ARP detection script, log configuration)
Challenges & Solutions
Configuring the log processing pipelines, particularly for the detailed JSON outputs of Zeek and Suricata, was challenging. Ensuring accurate parsing and mapping of diverse fields to Datadog's standard attributes required meticulous study of log formats, Datadog documentation, and iterative testing to achieve correct normalization for effective correlation and alerting.
Results & Impact
From this project, we successfully established a functional, multi-component cybersecurity lab environment capable of simulating and analyzing cyber threats, and created effective dashboards providing centralized visibility into network traffic (Zeek), IDS alerts (Suricata), endpoint activity (Cisco Secure Endpoint), and system events (Windows/Journald).
HackTheBox Seasonal Machines
I've completed Seasons 6 and 7 on HackTheBox Labs. They were my first and second attempts at a seasonal event, and I managed to reach Silver Tier!
HackTheBox Seasonal Machines
Project Overview
This season taught me so much about the tools and techniques needed to effectively pen-test machines. Hack The Box continues to be a fantastic platform for sharpening my penetration testing skills and diving deep into real-world cybersecurity scenarios. This season challenged my limits and enriched my knowledge of vulnerability exploitation, network security, and threat hunting. I worked with a range of tools, from using netexec to perform RID brute-forcing on an SMB service (a technique for enumerating user accounts on a Windows system) to exploring local privilege escalation techniques using known CVEs. Whether it's dissecting complex networks or uncovering hidden vulnerabilities, each box presents a new challenge and an opportunity to grow.
Key Features
- Netexec to perform RID brute-forcing
- Local privilege escalation techniques
- Using LinPEAS to enumerate weaknesses in Linux for privilege escalation
- Learning about common CVEs present in multiple CMSs
- Improved enumeration skills and techniques, and familiarity with Linux file systems
- Understanding the basic services found in Windows Active Directory: Kerberos, SMB, WinRM
Technologies Used
- Netexec for brute-forcing and attempting pass-the-hash techniques
- Nmap for scanning the host for open and vulnerable ports
- evil-winrm to gain access to insecure WinRM services
- LinPEAS and WinPEAS to find low-hanging fruit for privilege escalation
- Manual enumeration on machines to find plain-text passwords
- Understanding the OWASP Top 10, such as XSS and SQLi, for an initial foothold on a machine
Challenges & Solutions
A significant challenge at the start was that I had no prior experience before this season. I was new to hacking and did not know the tools and techniques for facing an Active Directory environment or even a normal Linux machine with a website. Getting to understand the different services was hard at the start, as all the terms were new to me, but I slowly practiced my skills on retired machines and watched IppSec's machine walkthroughs, which helped me get the hang of them.
Results & Impact
In the end, I managed to pwn most of the easy machines, as they were mostly straightforward. However, I was still not able to gain a foothold on the medium machines, as my skills and expertise are not yet at that level. I really enjoyed hacking these "real-world" machines and hope to continue hacking in the future.
Rust IOC File Scanner
A simple IOC scanner made in Rust that takes a file and searches it for IP addresses, domain names, etc.
Rust IOC File Scanner
Project Overview
Rust is so hard. This project taught me about ownership and borrowing in Rust, and it is also teaching me the Windows API and how to work in Rust.
Key Features
- TBC
Technologies Used
- Visual Studio Code for coding platform
- Rust programming language for core components
- Windows API to interact with the local file system and machine
Challenges & Solutions
RUST IS SO HARD WTH
Results & Impact
Still in progress